Introduction

The Freedom of Information Act establishes a legal right for individuals to obtain records in the possession of government agencies. The FOIA is critical for the functioning of democratic government because it helps ensure that the public is fully informed about matters of public concern. The FOIA has helped uncover fraud, waste, and abuse in the federal government. It has become particularly important in the last few years as the government has tried to keep more of its activities secret.

A hallmark of the new surveillance measures proposed by various government agencies is their disregard for public accountability. As the government seeks to expand its power to collect information about individuals, it increasingly hides that surveillance power behind a wall of secrecy. Congress has long recognized this tendency in the Executive Branch, and sought to limit government secrecy by creating legal obligations of openness under the FOIA and the Privacy Act of 1974. EPIC has used these open government laws aggressively to enable public oversight of potentially invasive surveillance initiatives.

Public access through the FOIA not only allows for a more informed public debate over new surveillance proposals, but also ensures accountability for government officials. Public debate fosters the development of more robust security systems and leads to solutions that better respect the nation's democratic values. EPIC's FOIA litigation activity over the past year has resulted in disclosure of information about several government surveillance programs. The EPIC FOIA Gallery highlights some of the most significant documents we obtained in the past year.

EPIC FOIA: FBI StingRays Capture Cell Phone Traffic

EPIC obtained documents that revealed that agents at the Federal Bureau of Investigation have been using "cell site simulator" technologies, also known as "StingRay," "Triggerfish," or "Digital Analyzers" to monitor cell phones since 1995. Internal FBI e-mails, also obtained by EPIC, reveal that agents went through extensive training on these devices in 2007. In addition, a presentation from the agency's Wireless Intercept and Tracking Team argues that cell site simulators are only legally classified as a "pen register device," making it much easier for the FBI to argue that the agency should be able to use StingRays. Slate recently published two stories on EPIC's StingRay work: one about the FOIA appeal and one about the documents ultimately obtained by EPIC.

New documents obtained by EPIC under the Freedom of Information Act indicate that CBP is operating drones in the United States capable of intercepting electronic communications. The records also suggest that the ten Predator B drones operated by the agency have the capacity to recognize and identify a person on the ground. Approximately 2/3 of the US population is subject to surveillance by the CBP drones. The agency has made the Predator drones available to other federal, state, and local agencies. The records obtained by EPIC raise questions abut the agency's compliance with federal privacy laws and the scope of domestic surveillance.

EPIC FOIA: DHS Monitors Tweets

As the result of EPIC v. DHS, a Freedom of Information Act lawsuit, EPIC continued to obtain documents from DHS following an initial disclosure of nearly three hundred pages detailing the Department's social media surveillance program. Notable among the documents was a list of keywords and phrases that DHS uses to monitor various social networking sites. The documents came from DHS's 2011 Analyst’s Desktop Binder, which is used by analysts to help identify "media reports that reflect adversely on DHS and response activities."

EPIC FOIA: Google Intercepted WiFi Transmissions

During the course of Google's Street View Project, Google was also obtaining a vast amount of Wi-Fi data from Wi-Fi receivers that were concealed in the Street View vehicles. EPIC wrote to the FCC in May of 2010 and urged the Commission to undertake an investigation, which resulted in the Commission undergoing a partial investigation and fining Google $25,000 for obstructing a full investigation. The FCC released a heavily redacted version of its report on the investigation. EPIC filed two FOIA requests in response to the FCC's report: one requesting the full, unredacted version of the Report, and one requesting details of the DOJ's investigation of Google, an investigation which had not been previously disclosed to the public. On April 28, 2012, Google released a complete, unredacted copy of the FCC's report. Significantly, the full report makes clear that Google intentionally intercepted payload data for business purposes and that many supervisors and engineers within the company reviewed the code and the design documents associated with the project.

EPIC FOIA: Terahertz Wave Scanners Surveil Crowds

Terahertz waves sit on the electromagnetic spectrum between microwaves and infrared and can be applied to "see" through solid barriers and identify materials, even in trace amounts. In 2010, a research breakthrough discovered how to use Terahertz technology at a distance of up to 67 feet. The researchers theorized that it would be possible to "identify materials hundreds of feet or even miles away." Terahertz waves detect a unique "fingerprint" that every substance carries, and can determine exactly what compound or compounds are being carried in packages, boxes, clothing, shoes, or backpacks. EPIC has previously obtained documents from the DHS about the Department's development of mobile body scanner and crowd surveillance technology. Those documents made reference to the development of Terahertz, and prompted EPIC to file another FOIA request concerning Teraherz technology. Pursuant to that request, DHS released documentsdetailing its plan to use a multiple surveillance technologies to search people in public spaces. The new documents obtained by EPIC show that the DHS was still pursuing mobile crowd surveillance as recently as 2011. The technologies include "intelligent video," backscatter x-ray, and Millimeter Wave Radar in addition to Terahertz Wave, and could be deployed at subway platforms, sidewalks, sports arenas, and shopping malls.

CPB also released documents to EPIC describing their practice of using automatic license plate readers at the Mexican and Canadian borders. Cameras placed in dozens of U.S. cities take pictures of millions of license plates as they cross the border. The documents released also reveal that CBP shares the collected license plate data not only with the Drug Enforcement Agency, but also the National Insurance Crime Bureau, an Illinois NGO made up of hundreds of private insurance firms - including branches of Allstate, GEICO, Liberty, Nationwide, Progressive, and State Farm.